ISO/IEC 27005 Information Security Risk Management Risk Manager (PECB Certified) - Including Exam

This training course is intended for:

- Managers or consultants involved in or responsible for information security in an organization
- Individuals responsible for managing information security risks
- Members of information security teams, IT professionals, and privacy officers
- Individuals responsible for maintaining conformity with the information security requirements of ISO/IEC 27001 in an organization
- Project managers, consultants, or expert advisers seeking to master the management of information security risks

Upon the successful completion of this training course, you will be able to:

• Explain the risk management concepts and principles outlined by ISO/IEC 27005 and ISO 31000
• Establish, maintain, and improve an information security risk management framework based on the guidelines of ISO/IEC 27005
• Apply information security risk management processes based on the guidelines of ISO/IEC 27005
• Plan and establish risk communication and consultation activities

Day 1: Introduction to ISO/IEC 27005 and risk management

Day 2: Risk assessment, risk treatment, and risk communication and consultation based on ISO/IEC 27005

Day 3: Risk recording and reporting, monitoring and review, and risk assessment methods

The “PECB Certified ISO/IEC 27005 Risk Manager” exam meets all the requirements of the PECB Examination and Certification Program (ECP). It covers the following competency domains:

• Domain 1: Fundamental principles and concepts of information security risk management
• Domain 2: Implementation of an information security risk management program
• Domain 3: Information security risk management framework and processes based on ISO/IEC 27005
• Domain 4: Other information security risk assessment methods

After successfully completing the exam, you can apply for one of the credentials listed below. You will receive a certificate once you meet all the requirements related to the selected credential.

PECB Certified ISO/IEC 27005 Provisional Risk Manager

• Exam: PECB Certified ISO/IEC 27005 Risk Manager exam or equivalent
• Professional experience: None
• Risk management experience: None
• Other requirements: Signing the PECB Code of Ethics

PECB Certified ISO/IEC 27005 Risk Manager

• Exam: PECB Certified ISO/IEC 27005 Risk Manager exam or equivalent
• Professional experience: Two years, including one year of work experience in information security risk management
• Risk management experience: Information security risk management activities totaling 200 hours
• Other requirements: Signing the PECB Code of Ethics

To be considered valid, these information security activities should follow best implementation and management practices and include the following:

• Defining a risk management approach
• Determining the risk management objectives and scope
• Conducting a risk assessment
• Developing a risk management program
• Defining risk evaluation and risk acceptance criteria
• Evaluating risk treatment options
• Monitoring and reviewing the risk management program

Educational approach

- The training course is based on the theory and the best practices of information security.
- The training course provides practical examples and scenarios.
- Participants are encouraged to actively participate and engage in discussions and exercises and quizzes.
- Quizzes are similar in structure with the certification exam.

General Information

- Certification fees and examination fees are included in the price of the training course.
- Participants of the training course will receive over 350 pages of training materials, containing valuable information and practical examples.
- Participants of the training course will receive an attestation of course completion worth 21 CPD (Continuing Professional Development) credits.
- Participants who have completed the training course and failed to pass the exam, are eligible to retake it once for free within a 12-month period from the initial date of the exam.